Sign in / up

back to article Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss

Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls – all without users suspecting a thing. Researchers at Check Point this week revealed four flaws in …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Pussifer
    Devil

    A Microsoft product with serious vulnerabilities - say it isn't so!

    Just in case - /s

    12 0 Reply
  2. b0llchit Silver badge
    Black Helicopters

    Read the terms and shiver

    Any sane person wouldn't touch teams with a three meter long stick. Everybody should be dropping it when you read the EULA and TOS because it allows microsoft to listen, store and disseminate for "service control and improvement". Unfortunately, nobody really reads this stuff and makes themselves vulnerable and easy targets. Makes you wonder who else can listen in... Oh, and microsoft isn't the only vendor with these problems.

    10 0 Reply
    1. may_i Silver badge
      Reply Icon

      Re: Read the terms and shiver

      Many of us don't have a choice. Our employers decide what we will run on our computers.

      18 1 Reply
      1. Doctor Syntax Silver badge
        Reply Icon

        Re: Read the terms and shiver

        Employers should certainly have their legal advisers read the T&Cs of anything significant irrespective of the supplier.

        OTOH I wouldn't be surprised if their advisers have already signed up without reading the T&Cs.

        5 0 Reply
      2. b0llchit Silver badge
        Reply Icon

        Re: Read the terms and shiver

        Actually, you have a choice, at least in the EU.

        0 3 Reply
  3. Anonymous Coward
    Anonymous Coward

    Microsoft Teams...contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls – all without users suspecting a thing.

    I've been saying this since I first looked at the API. It looks like it's built from cardboard and string. The fact that it's not actually had a massive data breach yet feels like sheer luck.

    4 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon